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(54) Method and system for modifying executable code to add additional functionality 



(57) A system for modifying a compiled executable 
code file by adding patches that add functionality when 
the modified executable code file is executed. The mod- 
ifying is performed without recompiling, relinking or re- 
writing the code file. Adding a patch involves creating a 
patch handler which when executed causes the patch 
statements to be executed, and may involve replacing 
one or more existing compiled instructions in the file with 
patching instructions to transfer flow of execution to the 
appropriate patch handler. The instructions replaced by 
the patching instructions can also be added to the patch 
handler. Patches can also include code statements 
which form a complete module, such as an invokable 
routine, which can be referenced by other patch state- 



ments to cause the module to be executed. Specialized 
trace requests can also be added as patch statements. 
The trace requests will make specified information 
about the current execution of the executable code file 
available to a software developer. Patch statements can 
include variables and expressions that will be evaluated 
in the context of the appropriate current variable scope, 
regardless of whether the scope is defined within the 
patch or by existing compiled instructions. After patches 
have been added, they can be disabled so as to prevent 
their execution without removing the patching instruc- 
tions from the compiled executable file. Patches can al- 
so be qualified with conditions such that the patch will 
be executed only when the conditions are true at the 
time of execution. 
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Description 



[000 ] The present invention relates generally to effi- 
ciently creating executable software, and more particu- 
larly to mod.fy.ng compiled executable files to add addi- 
tional functionality. 

[0002] In the past, creating executable software code 
could be a t.me-consuming task. The typical code cre- 
at.on process involved first creating a source code pro- 
gram ft e a series of lines of program statements in a 
high-level computer language) with a text processing 
program, compiling and linking the source code (some 
times with an intermediate assembling step) to create 
executable code (i.e., a series of machine language in- 
s ructions) for a specified computer processor, and then 
stor.ng the executable code in an executable file The 
executable code could then be debugged by executing 
he executable file on the specified computer processor 
to determine if the software performed its task correctly 
or .f .nstead it had one or more errors (i.e., bugs) If the 
executable code had errors, a software developer would 
modrfy the source code in an attempt to remove the er- 
rors, recompile the source code, and then link the rec- 
omptled code to produce a new executable file for de- 
buggmg. For large software programs, this process was 
iterafively performed a large number of times until all 
known errors were removed. 

[0003] In many cases, the cause of an error (eg a 
m.stake in the program logic) is not obvious from'exe- 
cut-ng the executable file, ^rious options existed for a 
software developer to identify errors. For example a 
so tware developer could add print statements through- 
out the source code so that as the corresponding exe- 
cutable .print instructions are executed (after compiling 
and l.nk,ng). they would report the current progress of 
the execution. Knowledge of the current execution 
progress assists in identifying the section of the code 
wh,ch was executing when an error occurred. In addition 
to merely reporting execution progress, print statements 
can also d.splay the current value of variables or source 
code expressions at specified points throughout the ex- 
ecution. Since the print statements were part of the orig- 
inal compilation/linking process, the variables and ex- 
presses that were part of the print statements would 
be evaluated in the context of the current variable scope 
(e.g., us.ng the value of a local variable .n a currently 
execut.ng function rather than a variable with the same 
name .n a different non-executing function), as would 
any other compiled code statement 
[0004] In addition to print requests, application pro- 
grams known as debuggers were developed to provide 
add.fional control over execution of executable files A 
debugger loads executable code into memory and then 
controls execution of the executable code. For example 
the debugger can execute a single executable code in- 
s ruction a. a time. Alternately the debugger can exe- 
cute the executable code continuously until a break 
point designated within the debugger is reached Such 
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debuggers can also use additional information stored in 

zitt t fi,e durin9 ,he compii ^ — *£S 

steps to reconstruct and display the source code lines 
that correspond to the instructions in the executable 
code The display of the source code facilitated con^ 
by the software developer of the execution of the exe 
cutable code (e.g., setting a breakpoint at a particular 
port « the source code). When execution of the exe 
u ab e code is stopped, a user can .nteract with the de 

sions n CUrfent Va,USS °' Variab,6S and e W 

th! 0 V , add ;"° n ' somedebu 99ers allows user to view 
the effects of temporarily modifying a source code line 
Nonetheless, although such debuggers can assist wTh 
locating errors in executable compiled code, recomp 

0005, Tl'l nSeded t0 fiX errors tnat are «*ated 
2S5 . . l ° ' he USS °' debu 99ers. other tech- 
n ques have been developed to modify the functional 
of comp.led code without requiring a full recompS 
and Unking. One technique involves relinking previously^ 
comp .led code with different code than was previou S t 
used for i.nk.ng {e . g „ using an ^ 

L.b ary or replac.ng a stubbed routine with a functional 
rout^e, , n this situation, no changes are made tTe 
prev.ously compiled code, bu, changes in the ove^ 

eZT T aNty ° CCUr dU0 to *» op- 
erafion of the newly linked code. However, this tech- 
n.que „ no. typically useful in modifying errors in the 

or .nflex,bly adding functionality to an executable fife a 
J.T^T SPeCified ,OCaM ° n (sinCe ° n,v P^iously 

SSL i. h J le ° hniqUe t0 modif y the '"^tonality 
of compiled code wrthout requiring recompilation and 
Wong .nvo.ves rewriting an executable file. RathSthan 
mod.fy.ng an existing file, rewriting involves creating an 
enfirely new executable compiled file based on an ex 

S eXeC f Utab ' e ReWriti ° 9 an execu,abl « does 
atownewfunchonalityto be addedto an executable file 
a a user-specfied location because new compiled in 

new file, and the specific mechanisms for adding in- 
structs (e.g., adjusting offsets in existing instructions) 
typically vary on each type of processor ' 

Eh !T en execu,ab,e code « created for an 
embedded system (e.g.. an embedded controlier for 
manufacture equipment), the problems with software 
code create are exacerbated. Such embedded sys 
terns may include only a CPU and memory, without hav- 
ing access to other standard computer system compo- 
nents such as a keyboard or disptay. in addition, stand- 
ard a P p| 1C a„on programs such as text processors and 
debuggers may no. be available for an embedded sys- 
tem. In his env,ronment. the source code will typically 
be created on a host computer system separate from 
the embedded target system. This al.ows a user app" 

carte Th 35 3 tSX * Pf0CeSSOr 10 Create ^ sou'e 
code The source code is then compiled for the target 
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embedded computer system and transferred (e.g., over 
a network) to the embedded system for execution and 
debugging. When an error occurs during execution of 
the executable code on the embedded system, the lack 
of standard computer system components and applica- s 
tion programs on the target system make it extremely 
difficult to determine the cause of the error Even obtain- 
ing information about the current state of the execution 
at the time of the error is typically difficult. Moreover, 
even if such information is available, it will need to be io 
transferred back to the host computer system where 
modifications to the source code can begin another 
compile/link/transfer/debug cycle. 
[0008] In accordance with one aspect of the present 
invention, a method and system are provided for modi- is 
tying a compiled executable code tile so as to add func- 
tionality when the modified executable code file is exe- 
cuted. The modifying of the executable code file is per- 
formed without recompiling, relinking or rewriting the ex- 
ecutable code file, in particular, the system allows a user 20 
to indicate changes to be made to the compiled execut- 
able file, including adding code statements to the com- 
piled executable file and manipulating previously added 
code statements in a variety of ways. Each set of code 
statements which aro to be added is referred to as a 2s 
patch, with each statement in a patch being referred to 
as a patch statement. After the patches have been spec- 
ified, the system modifies the compiled executable code 
in a non-transitory manner such that the patch state- 
ments will be performed when the modified executable 30 
code is executed in the future. This manner of modifica- 
tion allows the traditional compile/link/debug cycle to be 
avoided, thus providing significant time savings. 
[0009] Adding a patch to a compiled executable code 
file involves creating a patch handler which when exe- 35 
cuted causes the patch statements to be executed and 
which may additionally perform various housekeeping 
functions. The patch statements may be stored in an ex- 
cutable machine-independent non-compiled format, 
and it so are interpreted when executed on a target com- *o 
puter. Adding a patch may also involve replacing one or 
more existing compiled instructions in the compiled ex- 
ecutable code file with patching instructions which, 
when executed, will transfer flow of execution to the ap- 
propriate patch handler loaded in memory. When a 
patch is intended to be executed in addition to the ex- 
isting compiled instructions (rather than substituting for 
one or more instructions), the existing instructions re- 
placed by the patching instruction can be added to the 
patch handler so that they will be executed in addition so 
to the patch statements. The patching instructions can 
directly identify the memory location of a patch handler, 
such as with a transfer instruction. Alternately, the 
patching instructions can include a unique reference to 
the appropriate patch handler, and if so the appropriate 55 
memory location for the referenced patch handler will 
not be determined until the time of execution. Patches 
can also include code statements which form a com- 



plete module, such as an invokable routine, which can 
be referenced by other patch statements to cause the 
module to be executed. In addition, patch statements 
can include variables and expressions that will be eval- 
uated in the context of the appropriate current variable 
scope, regardless of whether the scope is defined within 
the patch or by existing compiled instructions. Finally, 
specialized trace requests can also be added to the 
compiled executable code as patch statements. The 
trace requests will make specified information about the 
current execution of the executable code file available 
to a software developer, such as by storing it on a local 
trace log file or transmitting it electronically. After patch- 
es have been added, they can be disabled so as to pre- 
vent their execution without removing the patching in- 
structions from the compiled executable tile. Patches 
can also be qualified with conditions such that the patch 
will be executed only when the conditions are true at the 
time of execution. 

[0010] In accordance with one aspect of the present 
invention, the system modifies on a target computer a 
compiled file executable on the target computer, with the 
compiled file including a plurality of compiled instruc- 
tions. The modifying is performed under control of a 
source computer, and it involves first loading the com- 
piled file onto the target computer and then receiving an 
indication to modify the compiled file by adding at least 
one instruction to be executed upon execution of the 
compiled file. The system then creates a patch group 
having instructions including the indicated instructions. 
The system then modifies the compiled file on the target 
computer by replacing an instruction in the compiled file 
with a patch instruction, and loads the patch group into 
a portion of memory on the target computer distinct from 
the memory in which the compiled file is loaded. The 
system then executes on the target computer the in- 
structions in the modified compiled file by, when an in- 
struction to be executed is the patch instruction, indicat- 
ing one of the plurality of instructions in the loaded patch 
group as a next instruction to be executed. 
[0011] For a better understanding of the present in- 
vention and to show how the same may be carried into 
effect, reference will now be made by way of example 
to the accompanying drawings, in which:- 
[0012] Figure 1 is a block diagram illustrating an em- 
bodiment of the Code Patcher system of the present in- 
vention. 

[0013] Figures 2 A and 2B illustrate an example of 
patched software code. 

[0014] Figures 3A and 3B illustrate examples of 
source code in an executable computer-independent 
non-compiled parse tree format. 
[0015] Figure 4 is an exemplary flow diagram of an 
embodiment of the Command Subsyst m routine. 
[0016] Figure 5 is an exemplary flow diagram of an 
embodiment of the Process Patch Request subroutine. 
[0017] Figure 6 is an exemplary flow diagram of an 
embodiment of th Patching Subsystem routine. 
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Iml 9 i- Fi9 , Ur ? 8 iS 3n exem P»^y flow diagram or an 
embedment of the Patch interpreter Subsystem rou- s 

S Fi9Ufe 9 iS 30 exem P'^ "ow diagram of an 

22T ,he Execu,e Patched Execu?abie c ° d * 

SS ] A " e ^ bodiment 0' the present invent/on pro- ro 

e eo Ut a ab 7 e e ^ n ' ^ ** """^ a 
"""table code f.le so as to add functionality when the 

mod fed executable code file is executed The mci fv 
ing o the executable code «. is performed wThoTec- 
omp^g. relinkjng or r fhe exec t rec 

'n part.cu.ar, the Code Patcher system loads compJed 
executable code hto memory on a targe, SJSE and 
a lows a user jndjcate patches t<j J^^™ 

2 !f e , CUtab ' e Th6Se Pa,ches can adding 

Sinssi^ • compi,ed insiructi ° ns « ^ ° - 

S mln^K COmP " ed execu ^"e Hie. In one em- 
bodment, the source code lines corresponding to the 

hZlndT" teb,e inS,rUCli ° nS in ,he « te - S 
mZ ,u I" 6 USSr ran indicate »» changes to be 
made ln the displayed source code. After the patches m 
have been .ndica.ed, the Code Patcher system modifies 
the compiled executable code in a non-.LsZ man 
ner such that the patches wif, be performed ZnZ 
modified exeeutabfe code is executed in the future This 

SEEL T fca,ion a,,ows ,he ,radrtiona( » 

[0022] Figure 1 illustrates an embodiment of a Code 

100 thlf 6 ° CCUrS on a host "^P"ter system 3 5 

100 that is separate from a target computer system 150 
on which the patched executable code is to SS? 
Compiled executable code files to be patched 
cod?" t K nS ^ CfonS WhiCh are execu, able as na fJe 
whlh 1 ° f tar9e ' COmputer s ^ 150. and 40 

the CPU ^ " " 0t ^ 6XeCUtab,e 38 native «^ on 
h! S , ° 5 St C ° mpu,er sys,em 10 °- m addition in 

he s^ elS PrOC6SSOr h a » in »™ are 

ion ^™ 6m0ry Space as ano, her compi.ed instruc- 
mach^ T' ^ St3tementS are conve « ed '"to a 
execId'T Penden ' non « n »*«» f °«™ 'ha. wil. be 
executed interpretively on the target computer system 

stated f h an Wi " ap P feciate ^at c 0d e so 
ToTpT, a,tema,ive, y compiled and that the 
C^ePatchersystem 133 is no. limited, opatch ingcode 
tor RISC processors. 

[0023] The host computer system 100 includes a CPU 
10, .nput/outputdevices 120,amemory 130,andabus ss 
05. The inpu^output devices incfude a storage device 
126^ a network connection 122. a display 124 and a 
keyboard 1 25. The Code Patcher system 1 33 is execu. 



xe IS ' ^ C3n b6 used to -tch compifed 
Z iTlZ ^ ef " e " uch a«compiled executable code 
We 132 stored on the storage device 126. The Code 
Patcher system , 33 can also be stored on a storaoe de 

ZT1 SUCh 38 St0raoe devic * ti Se be" 
no loaded into memory 130, and the compiled exe Cu t 
able code file 1 32 may also be loaded into memo" ^" 

«y W, ana a bus ,55 The inpw/outp,,, de *« no 

A Patch Interpreter Subsystem 181 is executino in 
memo 180 to assist in the execution of one o r 2 re 

Z nt ZT bie C ° de WeS ° n taf 9 et computer ™" 
tern 150. The executable code file 132 is loaded into 
memory 180 when i, is to be executed. Af terSe ^xecuf 
able code file is patched and becomes patched execut- 
able code file 18 2, the patch handlers 1 84 ano cSe 
fragment execu.ab.es 186 mat are associated wfthT 
patched executable code file are a.so toaded into m^ 
ory 180^ The mem 0l y 180 also includes some or all of 

local'Tsf ? b ' e 188 ^ «"* ™ 
locations associated with various identifiers are store J 

In 3 I™ 9 L ° 9 189 in wh ich information S b 6 
stored by the Patch interpreter Subsystem 181 foT Ler 

Z^tTT embodimem ' Link 

deWce a 7f ndT r eL ° 9l89COU,dbesto ^ 

system 18, ol 1°°^ * ^ ' n,erprS,er Sub " 

sCstem 18 V TlT^ ^ Pa,Ch ,nter P^ 
™. 'h 4, 81 • Patched executable code file 182 

S ea TZZTJ"* COde -ecutabS 
s^h «c c ^ ° n 3 Stora 9 e device (not shown) 

memo" So^ ^ ^ ^ 2 

SSd thrcorc' 6 *?? Pa,Chers V s ^ 133 is first in- 
voKed, the Command Subsystem 134 provides a u SPr 

em ioo TheCommand Subsystem 1 34 allows the U s er 
to specfy a compiled executable code file ?! ta to Z 

!Tls?fIr , . ° rma,bn ,r0m execu,abte code 
me 132 (eg., from the symbol table) to allow a r«™ 

^ondencetobe established between I ^ ^ 

ecutable code instructions in the file and the orioinal 

STuSur (notshown) ,rom ^ icb •^ss 

tem 1 ^ 1 ^ WaS Cfea,ed The Comma nd Subsys- 
tem , 34 then delays the source code to the user and 
allows „ to specjfy a ya ^ ^^user and 

[0026] After specifying compiled executable file 1 32 
user can use the Command Subsystem 134 to modt 
"» lo by specifying patches. Each set o, code^e 

^ r;:r ,erred to as a pa " 
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greater detail below, adding a patch to a compiled exe- 
cutable code file involves first creating an executable 
patch handler which causes the patch statements to be 
executed (and which may additionally perform various 
housekeeping functions) and then replacing one or 5 
more existing compiled instructions in the file with a 
patching instruction to transfer flow of execution to the 
patch handler. 

[0027] In the illustrated embodiment, patch state- 
ments are stored in an executable machine-independ- to 
ent non-compiled formal, and are interpreted (i.e., inter- 
pretively evaluated) by an evaluator when executed on 
target computer system 150 Patch Interpreter Subsys- 
tem 181 acts as an evaluator in the illustrated embodi- 
ment. Evaluators can be efficiently provided to a variety '5 
of target computer systems by cross-compiling an ex- 
isting evaluator for each of the target systems. In an al- 
ternate embodiment, patch statements are stored as the 
original lines of source code and a source code inter- 
preter (not shown) on target computer system 150 is 20 
used to interpret the patch statements. In yet another 
embodiment, patch statements are compiled for target 
computer system 1 50 before execution and are then ex- 
ecuted natively on the target computer system. 
[0028] A specified patch can take a variety of forms, 25 
such as substituting one or more new code statements 
for one or more existing compiled instructions or lines 
of source code. After they are substituted for, existing 
compiled instructions will no longer be executed. Rather 
than substituting new code statements, a specified 30 
patch can also be added such that it is executed in ad- 
dition to the existing compiled instructions, including 
even the instructions replaced by patching instructions. 
This is accomplished by adding the replaced instruc- 
tions to the patch handler for the patch. Multiple lines or 35 
instructions can be included in a patch, even when sub- 
stituting for a single instruction or when no instructions 
are being substituted for. Some patches include code 
statements which form a complete module, such as an 
invokable routine. If such a module is being added so *o 
that it can be invoked by other code statements, rather 
than to be directly executed at a designated location, it 
is not necessary to use patching instructions to execute 
the module. Instead, other patch statements can refer- 
ence the module and thus transfer flow of execution to 
the module. 

[0029] Other patches include one or more code state- 
ments which do not form a complete module, referred 
to as a code fragment. Such patches will typically re- 
quire that a patching instruction be added so that flow so 
of execution reaches the code fragment. However, if a 
patch handler including a code fragment is referenced 
by another patch handler, the code fragment may not 
directly require a patching instruction for it to be execut- 
ed. In addition, patch statements can include variables ss 
and expressions that will be evaluated in the context of 
the appropriate current variable scope, regardless of 
whether the scope is defined within the patch or by ex- 



isting compiled instructions. Access to various informa- 
tion for the compiled executable code file to be patched, 
such as the symbol table, may be needed to resolve ref- 
erences to variables. 

[0030] In addition to adding code statements, special- 
ized trace requests can also be added to a compil d ex- 
ecutable code file as patch statements. For some target 
computer systems, such as embedded systems without 
a display, it can be difficult to gather information about 
execution of executable code since traditional output 
mechanisms (e.g., print statements) are unavailable or 
are difficult to use. The trace requests will store specified 
information about the current execution of the executa- 
ble code file in a manner that is accessible to a software 
developer. For example, if the executable code file is 
being executed on an embedded computer system, the 
trace mechanism can store execution information in a 
trace log file on the embedded computer system for later 
retrieval, or can transmit the information to a separate 
computer system for access there. The specified infor- 
mation for a trace request can also include variables and 
expressions that will be evaluated in the context of the 
current variable scope at the time of their execution. In 
addition to reporting the current values of variables and 
expressions, the trace requests can be used to track 
each time that a particular instruction or block of code 
is executed. For example, the first instruction in an in- 
vokable procedure can be patched with a trace request 
indicating the current values of the procedure parame- 
ters. 

[0031] When a patch is to be added to compiled exe- 
cutable code file 1 32. the user indicates the patch state- 
ments for the patch as well as where the patch is to be 
added (e.g., in a particular function or at a specific 
source code or compiled instruction location). In the il- 
lustrated embodiment, a patching instruction need re- 
place only a single existing instruction since all RISC 
instructions are the same size. The user also specifies 
whether the patch is to substitute for existing compiled 
instructions or is to be added in addition to the existing 
instructions. In addition, when a patch is being added in 
addition to existing instructions, it is determined or spec- 
ified whether the patch is to be added before or after the 
existing instructions. When a function is indicated as the 
patch location, the patch is added at the first instruction 
for the function (i.e., the patching instruction replaces 
the first instruction for the function). When a source code 
line is indicated, the Command Subsystem 134 identi- 
fies the one or more corresponding compiled instruc- 
tions. If multiple instructions correspond to a source 
code line, one or more of the compiled instructions are 
selected to be replaced by the patching instruction. The 
determination of whether the patch is to be added before 
or after the existing instructions may aff ct which of the 
multiple corresponding instructions are selected (e.g. , if 
the patch is added before the instructions, selecting the 
first of the multiple corresponding instructions). 
[0032] The Command Subsystem 1 34 also allows the 
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user to perform actions on existing patches, such as to 
group patches together and to manipulate them either 
ind/v.dually or as a group. For example, a patch previ- 
ously added to the compiled executable code file can 
be disabled so as to prevent its execution. Patches can s 
also be qualified with conditions such that the patch will 
be executed only when the conditions are true at the 
time of execution. In addition, different patches can be 
grouped together and each group can be manipulated 
m the same manner as a single patch. For example, all w 
patches in a group can be enabled or disabled, or can 
be saved for later use. This ability to group, disable/en- 
able, and qualify patches without recompiling the file al- 
lows trace requests to be turned on or off in a simple 
and efficient manner, greatly simplifying debugging Fi- is 
nally, a user can also use the Command Subsystem 1 34 
to retrieve and view previously created trace informa- 
tion, such as from a trace log 

f0033J After all the patches have been specified and 
heuserisreadyloexecutethecodefile 132aspatched so 
the Command Subsystem 134 notifies a Patching Sub- 
system 1 36 of the patches and notifies a Code Fragment 
Executables Subsystem 138 of the code statements 
from the patches. The Code Fragment Executables 
Subsystem 1 39 converts each sequence of ono or more 2S 
code statements it receives into a code fragment exe- 
cutable 186 in an executable machine-independent 
non-compiled format. Code fragment executables can 
be executed in an interpreted manner on any target sys- 
tem with an evaluatorfortheformat. In one embodiment 30 
he code fragment executables are stored as parse 
trees as is illustrated further with respect to Figures 3A 
and 3B. Each code fragment executable will be associ- 
ated with the corresponding code file being patched 
and will also have a unique identifier by which it can be 3S 
referenced. For example, other statements can use the 
unique identifier for a code fragment executable repre- 
senting a module to invoke the module 
[0034] After creating the code fragment executables 
186 for the code statements in the patches, the Code 40 
Fragment Executables Subsystem 133 then transfers 
the created code fragment executables to target com- 
puter system 150 and updates Link Translation Table 
188. Link Translation Table 188 includes a reference for 
each symbol in each of the code fragment executables « 
186 which can be referenced by statements outside the 
code fragment executable (e.g., the unique identifier for 
a code fragment executable and any exported symbols 
that can be referenced outside the code fragment exe- 
cutable). Those skilled in the art will appreciate that in so 
an alternate embodiment, Link Translation Table 188 
could be stored in an alternate location such as on the 
host computer system 100. In addition, those skilled in 
the art will appreciate that the code fragment executa- 
bles 1 86 could initially be stored on storage device 1 26 ss 
before being transferred, and could be transferred di- 
rectly to memory 180 or first to storage device 171 
[0035] When the Patching Subsystem 1 36 receives 



not-fica ,on of the patches from the Command Subsys- 
tem 134. the Patching Subsystem 136 creates the ap- 
propriate patch handlers 184 and places patching in- 
structions in the appropriate locations in the compiled 

thePafh 6 "V? ' n additi ° n ' in SOTe ■"*odZ£ 
the Patching Subsystem 136 can allocate and deallo^ 

cate computer system resources on the target computer 
system 150 needed for the patch handlers 184 7*7 
memory in which to load the patch handlers). The Patch- 
ing Subsystem 136 first transfers the compiled execut- 
able code file 132 to the target computer system 150 
Aftercreabngthepatch handlers 184, the Patching Sub- 
system 136 transfers the patch handlers 184 to the tar- 

?a e We°Z Ul a erSyS,em 15 °' 3nd Updates Link Translation 
rabte 188 as necessary to include references for the 

path handlers 184. The Patching Subsystem 136 also 
modifies the compiled executable code file on the tarqet 
computer to include the patching instructions, thus cre- 
ating patched compiled executable code file 182 Those 

SSl^r"! "? apprecia,e lhal ,he pa,ch hand,ers 

184 could initial* be stored on storage device 126 be- 
fore being transferred, and could be transferred directly 
to memory 180 or first to storage device 171 
J0036] In particular, at each location in the executable 
code file 132 whereapatch is toboadded, the Patching 

ton with a patching instruction, thus removing the re- 
Ptacec instruction from patched compiled executable 

alternate embodiment, an already-patched code file 

IS** t 182 COUW haVe P a,ch <* a^ed 

In hat embodiment, an old patching instruction could be 
se acted as the instruction to be replaced with a new 
patching instructor If the new patch is intended to sup- 
plement rather than substitute for the previous patch 
he replaced old patching instruction can be added to 
the new patch handler so that the old patch handler will 
be also executed. Each patching instruction alters the 

flowoexecutiontoanappropriatepatch handler so that 
the patch statements for the patch will be executed 
[0037] In one embodiment, each path has a distinct 
Patch handler, while in an alternate embodiment a single 
patch handler can handle all patches. Thus, when the 

owoexecutionreachesapatching instruction, execu- 
tion will be transferred to and will continue at the appro- 
pnate patch handler. In some embodiments, the patch- 
ing .nstructions are transfer statements (eo jump 
goto i. branch, call, etc.) which specify an explicit memory 
tartan (either directly or via an offset) in which the 
patch handler will be executed. In alternate embodi- 
ments, the patching instructions include a unique refer- 
ence to the appropriate patch handler, and the appro- 
priate memory location for the referenced patch handler 
is determined from Link Translation Table 188 at thetime 
of execution. In yet other embodiments, the patching in- 
strucons are trap instructions, and the appropriate 
memory location for the referenced patch handler is de- 
termined from a return Program Counter map. Thus in 
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these embodiments the patching of compiled executa- 
ble file 132 is performed without recompiling, relinking 
or rewriting the file. 

[0038] In addition to inserting patching instructions. 
Patching Subsystem 1 36 must also create appropriate s 
patch handlers 184 so that the patch statements are ex- 
hibited when flow of execution is transferred to the patch 
handler. Each patch handler 184 will first save the cur- 
rent state of execution (e.g., register and stack values) 
if necessary, and then include the code fragment exe- '0 
cutables and/or trace requests to be executed for the 
patch If the patch is to be added to compiled executable 
code 132 rather than substituting for the compiled in- 
struction replaced by the patching instruction, the re- 
placed instruction must also be added to the patch han- '5 
dler so that it will be executed. For example, if the patch 
is to be added after the replaced instruction, then the 
replaced instruction would be added at the beginning of 
the patch handler before any of the patch statements. 
Alternately, if the patch is to be added before the re- 20 
placed instruction, the replaced instruction would in- 
stead be added after the patch statements. Finally, the 
patch handler will, if necessary, restore the saved state 
of the computer and will then return the flow of execution 
to the instruction in the compiled executable code after 2s 
the patching instruction. 

[0039] Similarly to the created code fragment execut- 
ables 1 86, each patch handler 1 84 will be uniquely iden- 
tified in some way so that it can be referenced by its 
associated patching instruction. In one embodiment, a 30 
patch handler will always be loaded at a specific location 
in memory 1 80 on target computer system 1 50, and thus 
the patching instruction can explicitly indicate that mem- 
ory location when the patching instruction is added to 
the patched compiled executable file 182 by the Patch- 35 
ing Subsystem 136. This memory 180 location can be 
identified at the time the patch handler 1 84 is created if 
the Patching Subsystem 136 performs memory man- 
agement for the target computer system 150 in which it 
can allocate and deallocate blocks of memory. Alter- 40 
nately, the Patching Subsystem 1 36 could request that 
the target computer system 150 allocate a block oi 
memory 180 and provide the memory location informa- 
tion to the Patching Subsystem 136. In an alternate em- 
bodiment, patch handlers 184 are loaded into different *s 
locations of memory 180 with each execution of the 
patch d executable code file 182. In that embodiment, 
Link Translation Table 188 can be used to map a unique 
identifier for each patch handler 1 84 to its current loca- 
tion in memory 180. In a similar manner, code fragment 50 
executables 186 can be stored with patch handlers 184 
and loaded into the memory block for the patch han- 
dlers, or can instead be loaded into separate locations 
in memory 180. If loaded separately in memory 180, a 
patch handler can merely reference a unique identifier 55 
for a code fragment executable, and Link Translation Ta- 
ble 1B8 can be used to identify the current memory lo- 
cation at which to access the code fragm nt executable. 



In another embodiment, patch handlers 184 and code 
fragment executables 186 are loaded into different lo- 
cations of memory 180 with each execution of the 
patched executable code file 182, but rather than using 
Link Translation Table 188 the patched compiled xe- 
cutable file 132 is modified before each execution so 
that identifiers are replaced with the current memory lo- 
cation for the associated item. 

[0040] When the patched executable code file 182 is 
to be executed, the Patch Interpreter Subsystem 181 on 
the target computer system 150 controls the execution. 
In particular, the Patch Interpreter Subsystem 181 en- 
sures that compiled instructions are executed as com- 
piled native code on target computer system 150, while 
patch statements (if stored in machine-independent 
form) are interpreted. The Patch Interpreter Subsystem 
181 also uses Link Translation Table 188 to resolve ref- 
erences to symbols, modules, code fragment executa- 
bles, and patch handlers as necessary. Thus, if a patch- 
ing instruclion merely references the unique identifier for 
a patch handler 1 84, the Patch Interpreter Subsystem 
181 will identify the memory location of the patch han- 
dler and transfer flow of execution there rather than try- 
ing to execute the patching instruction as native code. 
As trace requests are encountered during execution, the 
specified information for the trace request is stored in 
an appropriate manner, such as in Trace Log 189. The 
Patch Interpreter Subsystem 181 performs its interpret- 
ed evaluation in a manner so as to ensure that variables 
and expressions are evaluated in the context of the ap- 
propriate current variable scope. In one mode, the Patch 
interpreter Subsystem 181 works independently without 
external influence. In an alternate mode, a user on the 
host computer system 100 can use the Command Sub- 
system 1 34 to interact with Patch Interpreter Subsystem 
181 and to control execution of the patched executable 
file 182. 

[0041] In one embodiment, the target computer sys- 
tem 150 is an embedded computer system, the Code 
Patcher system 1 33 is part of a debugger on the distinct 
host computer system 100, and the compiled executa- 
ble file 1 32 is a terminal emulator to be executed on the 
embedded system. In this embodiment, the Code 
Patcher system 1 33 allows a user to perform normal de- 
bugging functions (e.g., single stepping through a com- 
piled program) but also allows the user to interactively 
modify an existing compiled executable code file in a 
permanent manner without requiring a compile/link/ 
transfer/debug cycle. The user can also manipulate the 
patches in a variety of ways in this embodiment. For ex- 
ample, a patch can be added to the compiled executable 
code file but can be disabled. In this situation, the func- 
tionality added by the patch is not executed while the 
patch is disabled, either by replacing the patch with the 
original patched instruction or by indicating to the Patch 
Interpreter Subsystem 181 to not execute the patch 
statements. In addition, different patches can be 
grouped together and each group can be manipulated 
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in the same manner as a single patch. For example, all 
patches in a group can be enabled or disabled, or can 
be saved for later use. Patches can also be qualified 
with conditions such that the patch will be executed only 
when the conditions are true at the lime of execution. 
[0042] In addition to significantly reducing the time 
needed to create source code, the Code Patcher system 
1 33 can be used for a variety of other purposes. For ex- 
ample, an executable code file may have been incom- 
plete when compiled. In this situation, references to 
symbols (e.g., variables or (unctions) may have been 
stubbed at the time of compilation The Code Patcher 
system 1 33 can be used to replace the stubs with refer- 
ences to code fragment executables In addition, addi- 
tional functionality can be added even to compiled exe- 
cutable code files that lack errors For example, a graph- 
ical user interface could be added toan executable code 
file with only a command-line interpreter, or new func- 
tionality can be added to handle inputs or situations not 
anticipated at the original time of compilation. Those 
skilled in the art will appreciate that any such type of 
functionality can be added using the Code Patcher sys- 
tem 1 33. Those skilled in the art will also appreciate that 
computer systems 100 and 150 are merely illustrative 
and are not intended to limit the scope of the present 
invention. The computer systems may contain addition- 
al components or may lack some illustrated compo- 
nents. Accordingly, the present invention may be prac- 
ticed with other computer system configurations, includ- 
ing a single computer system 

[0043] As an illustrative example of patching compiled 
executable code, consider Figures 2A and 2B. Figure 
2A illustrates sequences of compiled instructions from 
a compiled executable code file. For readability, a cor- 
responding source code line is shown for each instruc- 
tion. Those skilled in the art will appreciate that the par- 
ticular source code lines are merely illustrative. Figure 
2B illustrates the same compiled executable code file 
after various patches have been added. In particular, 
five patches, including a code fragment executable 
module, have been added to the original compiled exe- 
cutable code file. 

[0044] Patch 1 demonstrates a patch that adds a trace 
request before instruction N. As is shown in Figure 2B, 
instruction N is replaced in the compiled executable 
code file with a patching instruction that indicates to 
transfer flow of execution to a patch handler for Patch 
1. When execution is transferred to the patch handler 
for Patch 1, the patch handler first saves the current 
state of the target system on which execution is occur- i 
ring. The patch handler then issues a trace request for 
a designated string of information. The original patched 
instruction, instruction N, is then executed in the patch 
handler. Thus, Patch 1 executes the trace request in ad- 
dition to, rather than substituted for, the replaced in- * 
struction N. After executing instruction N. the original 
state of the computer system is then restored before the 
flow of execution is returned to instruction N+1 . Those 



skilled in the art will appreciate that an execution such 
as the trace request can be performed in a variety of 
ways, such as by writing the specified information to a 
file or by sending the information to another computer, 
s such as in a message object or as text in an email mes- 
sage. Alternately, trace information can be output using 
any other communication means (e.g., pager, cellular 
phone, display device, etc.). Note that although the trace 
request in Patch 1 did not include any variables or ex- 
10 pressions to be evaluated, instruction N will require the 
evaluation of the variables a and c. This evaluation will 
occur in the context of the appropriate current variable 
scope. 

[0045] Patch 2 reflects a patch which replaces instruc- 
ts tion N+3 with multiple patch statements, including both 
a trace request and a code fragment executable. Patch 
2 also demonstrates a patch that substitutes for an ex- 
isting instruction rather than adding patch statements, 
and thus existing instruction N+3 will be not executed in 
20 the patched executable code file. When flow of execu- 
tion is transferred to the patch handler for Patch 2, the 
patch handier first saves the current target computer 
system state. The-patch handler then executes the 
trace request and the code fragment executable as 
25 shown. Note that this trace request will require the eval- 
uation of variable a, which will be performed in the con- 
text of the appropriate current variable scope. The code 
fragment executable will be executed in an interpreted 
manner. After executing the various instructions in the 
30 patch handler, the original computer system state is re- 
stored before returning flow of execution to instruction 
N+4. 

[0046] As is shown in Figure 2B, the code fragment 
executable module labeled FN2 has also been added 

35 as part of the patch process. Patch 3 adds patch state- 
ments before instruction N+6, including a call to the 
newly created module. Patch 3 also illustrates that mul- 
tiple code statements can be executed within a patch 
handler (limited only by available memory on the target 

*o computer system). After flow of execution transfers to 
the patch handler for Patch 3, the appropriate computer 
system state is first saved. Next, the code fragment ex- 
ecutable for the code statement ■b=b-1' is executed in 
an interpreted manner. The next patch statement calls 

*5 module FN2 with the variable b as a parameter. Flow of 
execution will then transfer to the code fragment exe- 
cutable for module FN2, at which time instructions M, 
M+1, and M+2 will be executed in sequence in an inter- 
preted manner. Upon execution of the return statement 

>o in instruction M+2, the flow of execution will return to 
instruction N+6 in the patch handler for Patch 3. After 
restoring state for Patch 3. the flow of execution will re- 
turn to instruction N+7 in the patched compiled execut- 
able code file. Those skilled in the art will appreciate that 

•s each of the patch handlers can return flow of execution 
to the compiled instructions in a variety of ways, such 
as using a return statement or explicitly using the mem- 
ory location of the next compiled instruction. In addition, 
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in one embodiment each code statement has a separate 
code fragment executable, while in another embodi- 
ment the various code statements in a patch handler are 
combined into a single code fragment executable. 
[0047] Finally. Patch 4 illustrates that compiled func- 5 
tions can be patched and traced in a manner similar to 
that of -any other compiled instruction. For example, if a 
user desires to trace all invocations of the function FN1 , 
Patch 4 can be added before the first instruction of the 
function, instruction P. The trace requests in Patch 4 il- 10 
lustrate that when the variable X is evaluated, it will be 
evaluated using the current variable scope of function 
FN1 , but that the global variable Y will be evaluated us- 
ing the appropriate variable scope for Y, which may be 
the entire program rather than the local scope of function 1$ 
FN 1 . Those skilled in the art will appreciate that a variety 
of other patches are possible 

[0048] Referring now to Figures 3A and 3B, illustrative 
examples of code fragment executables stored in an ex- 
ecutable machine-independent non-compiled formal 20 
are shown. In particular, the exemplary machine -inde- 
pendent format shown are parse trees. In Figure 3A. the 
source code statement 'A - A + (B*3)' is shown, along 
with a corresponding parse tree that encodes this 
source code statement. The original source codo lino 2$ 
can be reconstructed by using depth-first search along 
the parse tree, using non-leal nodes only after the first 
child branch has been used. Similarly, Figure 3B illus- 
trates a possible parse tree for the source code function 
Swap as shown. As the parse tree is read from left to 30 
right and upwards from the leaf nodes, the appropriate 
order of statements for the Swap function is retrieved. 
Those skilled in the art will appreciate that a parse tree 
can be represented using different formats, and that 
parse trees are only one possible format for encoding 35 
executable machine-independent code fragment exe- 
cutables. 

[0049] Figure 4 is an exemplary flow diagram of an 
embodiment of the Command Subsystem routine 400. 
The Command Subsystem routine will receive a com- *o 
mand from a user to either patch a compiled executable 
code file such as code file 1 32 or to execute an already 
patched executable code file such as patched code file 
1 82. In an alternate embodiment, patches can be added 
to a compiled executable code file that already contains *s 
patches (and can even patch already patched instruc- 
tions), as well as to a compiled executable code file with- 
out patches. K the user is currently patching a compiled 
executable code file : the routine will accept a variety of 
trace requests and code fragments to be added to the so 
code file,, will combine multiple patches if they are to be 
add d at the same compiled instruction in the compiled 
executable code file, and will notify the Patching Sub- 
system 1 36 (Figur 1 ) and the Code Fragment Execut- 
ables Subsystem 138 (Figure 1) of the patches. If the ss 
user is executing an already patched executable code 
file, the routine can receive commands, relay them to 
the Patch Interpreter Subsystem 1 81 (Figure 1 ), and re- 



ceive and display to the user the results of the execution 
of the command. In one embodiment in which the Com- 
mand Subsystem 134 (Figure 1) provides interactive 
control over a patched executable code file, a user can 
determine whether or not to view the source code for 
patches (e.g., not viewing source code for disabled 
patches). 

[0050] The Command Subsystem routine begins at 
step 405 where a command is received from a user. The 
routine continues in step 410 to determine if the com- 
mand is to patch a compiled executable code file. If so, 
the routine continues to step 415 where it receives an 
indication of the executable code file to be patched. The 
routine then continues in step 420 to load information 
from the symbol table of the indicated executable code 
file, thus allowing the source code lines corresponding 
to the compiled executable code instructions to be dis- 
played to the user. The routine then continues to step 
425 where a request is received from the user that is 
related to patching the compiled executable code file. 
The routine continues in step 430 to execute the Proc- 
ess Patch Request subroutine to process the request. 
As is explained in greater detail with relation to Figure 
5, possible patch requests include adding various trace 
requests or code fragments, grouping and dogrouping 
patches, and manipulating previously created patches. 
After the patch request has been processed in step 430, 
the routine continues in step 435 to determine if there 
are more patch requests from the user. If so, the routine 
returns to step 425 to receive the next patch request. 
[0051] If there are not more patch requests from the 
user, the routine continues, to step 440 to sequence 
patches together when they will replace the same com- 
piled instruction. Since any given compiled instruction 
in the compiled executable code file can only be re- 
placed with a single patching instruction to a patch han- 
dler, multiple patches that have been associated with a 
single compiled instruction must be sequenced togeth- 
er. Additional steps may also need to be taken to ensure 
that all patches are executed and that the correct order 
of patch execution is followed. In the illustrated embod- 
iment, multiple patches associated with a single com- 
piled instruction are placed in a single patch handler for 
the patching instruction that will replace the compiled 
instruction. Alternately, multiple patch handlers could be 
used, with each palch handler transferring flow of exe- 
cution to the next patch handler in sequence and with 
the last palch handler returning the flow of execution to 
the compiled instruction following the patching instruc- 
tion. In either case, a sequence in which to execute the 
multiple patches must be selected. For example, all 
trace requests could be executed either before or after 
all code fragments. In the illustrated embodiment, the 
user indicates the sequence of patches when the patch- 
es are created. 

[0052] After step 440, the routine continues to step 
445 to notify the Patching Subsystem 136 of the patch 
sequences to be added to the compiled executable code 
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file, including sequences of a single patch. The routine 
then continues to step 450 to notify the Code Fragment 
Executables Subsystem 138 of the code fragments, in- 
cluding created modules, that have been added as 
patches to the compiled executable code file. The rou- 5 
tine continues in step 455 to determine if there are more 
commands from the user. If so, the routine returns to 
step 405 to receive a user command, and if not, the rou- 
tine ends at step 499. 

[0053] If it is instead determined in step 410 that the 10 
received user command is not to patch a compiled ex- 
ecutable code file, the routine continues to step 460 
where an indication of a patched compiled executable 
code file is received. This patched code file will be exe- 
cuted on an indicated target computer system. In the is 
illustrated embodiment, the patched code and any as- 
sociated patch handlers and code fragment executables 
will have been transferred to the indicated target system 
when the patching occurred. Alternately, the transferring 
could occur after step 460. The routine next continues 20 
to step 465 to determine if the patched code file is to be 
executed with interactive control by the user. If the 
patched executable code file is not to be executed in- 
teractively, the routine continues to step 470 where the 
Patch Interpreter Subsystem 181 is notified to execute 2s 
the patched executable code file without waiting for in- 
teractive commands. If instead it is determined in step 
465 that the patched executable code file is to be exe- 
cuted interactively, the routine continues instead to step 
475 where the Patch Interpreter Subsystem 181 is no- 30 
tified to execute the patched executable code file in an 
interactive execution mode. 

[0054] The routine next continues to step 480 to re- 
ceive an execution-related command from the user. 
Such commands could include setting or removing 35 
break points, checking the current values of variables 
and expressions, or stepping through the execution a 
single line at a time. In the illustrated embodiments, the 
manipulation of patches does not occur during interac- 
tive execution, but such functionality could be provided 40 
in an alternate embodiment. In step 485, the routine no- 
tifies the Patch Interpreter Subsystem 181 of the com- 
mand, and in step 490 the results of the command ex- 
ecution are received from the Patch Interpreter Subsys- 
tem 181 and are displayed to the user. The routine then *s 
continues to step 495 to determine if there are more in- 
teractive execution commands from the user. If so, the 
routine returns to step 480 to receive the next user com- 
mand. After step 470, or if it is determined in step 495 
that there are not more interactive execution com- so 
mands, the routine continues to step 455 to determine 
if there are more user commands. Those skilled in the 
art will appreciate that the Command Subsystem routine 
can be implemented in a variety of ways. For example, 
other top-level user commands than patching compiled S5 
executable code files and executing patched compiled 
executable code files could be processed by the routine 
Alternately, separate routines could be used to patch a 



compiled executable code file and to execute a patched 
compiled executable code file. 
[0055] Figure 5 is an exemplary flow diagram of an 
embodiment of the Process Patch Request subroutine 
430. The Process Patch Request subroutine receives a 
user request related to patching the compiled executa- 
ble code file, determines the type of patch request, and 
satisfies the patch request. In the illustrated embodi- 
ment, the user indicates source code tines correspond- 
ing to compiled instructions in the compiled executable 
code file for patch requests, and the Code Patcher sys- 
tem 133 selects the appropriate compiled instruction for 
the indicated source code line when performing the re- 
quest. 

[0056] The subroutine begins at step 505 where it is 
determined if the patch request is to add a trace request 
to indicate when a source code line is executed. If so, 
the subroutine continues to step 510 to add the trace 
request to an appropriate patch handier, which will be 
referenced by a patching instruction that replaces a 
compiled instruction corresponding to the indicated 
source code line. If it is instead determined that the trace 
request is not to trace a source code line, the subroutine 
continues to step 515 to determine if the patch request 
is to add a trace request to indicate when a function in 
the compiled executable code file is executed. If so, the 
subroutine continues to step 520 to add a trace request 
to a patch handler for the first instruction of the indicated 
function, if the patch request is not to trace a function, 
the subroutine continues to step 525 to determine if the 
patch request is to add a trace request for a specified 
expression at a particular source line. If. so, the subrou- 
tine continues to step 530 to add a trace request for the 
expression to a patch handler at the indicated source 
line. If the patch request is not to trace a specified ex- 
pression, the subroutine instead continues to step 535 
to determine if the patch request is to add a specified 
code fragment to the compiled executable code file. If 
so, the subroutine continues to step 540 to add the spec- 
ified code fragment executable to a patch handler at the 
compiled instruction corresponding to an indicated 
source line. The user can also indicate whether the 
patch is to substitute for the instruction or to be added 
in addition to the instruction, and when the patch is add- 
ed in addition to the instruction whether the patch is to 
be executed before or after the source code line. 
[0057] If it has been determined in steps 505, 515, 
525, and 535 that the patch request is not to add to the 
compiled executable code file patch statements that re- 
quire patch handlers, the subroutine continues to step 
545 to determine if the patch request is to create a code 
fragment module. If so. the subroutine continues to step 
550 where an mvokable code module with multiple 
source code statements is specified by the user, and an 
associated code fragment executable module is created 
for the patched executable code file. If it is determined 
in step 545 that the patch request is not to create a code 
module, then the subroutine continues to step 555 to 
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determine if the patch request is to group patches to- 
gether or to degroup previously grouped patches into 
individual patches. If so, the subroutine continues to 
step 560 to perform the indicated grouping or degroup- 
ing. If the patch request is not to group or degroup patch- s 
es, the subroutine continues to step 565 to determine if 
the patch request is to manipulate a patch or patch 
group. If so, the subroutine continues in step 570 to ma- 
nipulate the patch or the patches in a patch group as 
indicated. After step 510, 520, 530. 540, 550, 560, or io 
570, or if it is determined in step 565 that the patch re- 
quest does not manipulate a patch or a patch group : the 
subroutine continues to step 590 where it returns. 
[0058] Figure 6 is an exemplary flow diagram of an 
embodiment of the Patching Subsystem routine 600. 1 $ 
The Patching Subsystem routine is notified by the Com- 
mand Subsystem routine when patch sequences are to 
be added or manipulated for a compiled executable 
code file. The Patching Subsystem routine then creates 
the necessary patch handlers, patches the compiled ex- 20 
ecutable code file in the appropriate manner, and loads 
the patch handlers and the patched compiled executa- 
ble code file onto a target system. The routine begins at 
step 605 where one or more patch sequences are re- 
ceived for a compiled executable code file. This notifi- 2s 
cation from the Command Subsystem 1 34 can also in- 
dicate that previously added patches have been manip- 
ulated (e.g., removed or disabled). The routine contin- 
ues in step 610 to select the next received patch se- 
quence to be added or manipulated, beginning with the 30 
first received patch sequence. The routine then contin- 
ues to step 615, where an appropriate patch handler is 
created if the selected patch sequence indicates that a 
patching instruction is to be added to the compiled ex- 
ecutable code file. Alternately if an existing patch is be- 35 
ing changed, an existing patch handier can be accord- 
ingly modified or a new patch handler can be created to 
replace an existing patch handler For example, if a pre- 
viously added patch is being removed, the original 
patched instruction can be reinserted in the compiled 40 
executable code file in place of the patching instruction. 
Alternately, if a patch handler is being disabled, the first 
instruction of the patch handler could be modified to 
cause a jump to the end of the patch handler or to the 
instruction following the patching instruction. Similarly, 45 
if a patch is being qualified, the patch handler for that 
patch can be modified to include evaluation statements 
lo determine if the specified conditions are true. 
[0059] After step 61 5, the routine continues to 620 to, 
if a patching instruction needs to be added, replace the 50 
appropriate compiled executable code instruction with 
a patching instruction (e.g., a jump statement) to the cre- 
ated patched handler. If an existing patch handler is 
merely being modified, it will not be necessary to replace 
a compiled instruction with a patching instruction since 55 
the existing patching instruction will still be effective. 
While the illustrated embodiment uses a jump instruc- 
tion for patching instructions, those skilled in the art will 



appreciate that a patch handler can be invoked in a va- 
riety of ways, such as by using an interrupt mechanism 
or by including an identifier that will be resolved at exe- 
cution time to indicate an appropriate location in mem- 
ory on the target system. In addition, those skilled in the 
art will appreciate that a compiled transfer statement in- 
struction could be used as a patching instruction. After 
step 620, the routine continues in step 625 to determine 
if there are more patch sequences to be selected. If so, 
the routine returns to step 610 to select the next patch 
sequence, and if not, the routine continues to step 630. 
[0060] After patch handlers have been created or 
modified for each patch sequence and patching instruc- 
tions have been added to the compiled executable code 
file, the routine in step 630 loads the patched executable 
code file onto the target system. The routine then con- 
tinues in step 635 to load any created and/or modified 
patch handlers onto the target system. In the illustrated 
embodiment, the Patching Subsystem 136 does not 
perform memory management for target computer sys- 
tem 1 50, so the memory locations on the target system 
in which the created patch handlers will be loaded will 
not be known until execution time. Thus, the patching 
instructions inserted into the compiled executable code 
file merely reference the appropriate patch handler, with 
the reference to the appropriate memory location to be 
resolved at execution time. This type of reference reso- 
lution allows linking to be delayed until execution time. 
Thus, after step 635, the routine continues in step 640 
to update a Link Translation Table on the target system 
to reflect the unique identifiers for the created patch han- 
dlers. After step 640, the routine continues to step 645 
to determine if there are more patch sequences to re- 
ceive. If so, the routine returns to step 605 to receive 
patch sequences, and if not the routine continues to step 
690 and ends. 

[0061] Figure 7 is an exemplary flow diagram of an 
embodiment of the Code Fragment Executables Sub- 
system routine 700. The Code Fragment Executables 
Subsystem routine receives notifications from the Com- 
mand Subsystem 134 when code fragments are to be 
added to the compiled executable code file, creates ma- 
chine-independent non-compiled code fragment exe- 
cutables that can be interpreted by the Patch Interpreter 
Subsystem 181, and loads the created code fragment 
executables onto the target system. The routine begins 
in step 705 where code fragments to be added to the 
compiled executable code file are received from the 
Command Subsystem. The routine continues to step 
710 to select the next code fragment, beginning with the 
first code fragment. In step 715, the routine then creates 
a code fragment executable for the selected code frag- 
ment in a machine -independent format not specific to 
the target computer. In the illustrated embodiment, the 
code fragment executables are stored in parse tree for- 
mat. The routine then continues in step 720 to determine 
if there are more code fragments to process. If so, the 
routine returns to step 710 tc s lect the next code frag- 
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ment, and if not the routine continues to step 725. 
[0062] After the code fragment executables have 
been created, the routine in step 725 loads the created 
code fragment executables onto the taroet system. The 
routine then continues to step 730 to update the Link 
Translation Table on the target system to reflect the ref- 
erences for the created code fragment executables For 
example; if invokable code modules have been created 
for the patched compiled executable code file, an entry 
in the Link Translation Table can be used to resolve at 
execution time a reference to a code module, allowing 
flow of execution to be transferred to the appropriate 
memory location where the code fragment executable 
for the module is loaded in memory. Similarly, if varia- 
bles have been defined and made available to other por- 
tions of the code outside a self-contained variable scope 
(e.g., global variables), the L.nk Translation Table can 
be used to resolve references to those variables by oth- 
er portions of the code. Finally, if the code fragment ex- 
ecutables are loaded into memory separate Irom the 
patch handlers that will reference those code fragment 
executables, then the Link Translation Table can be 
used to resolve the references for each such code fraq- 
ment executable. 

[0063] Those skilled in the art will appreciate that if 
the memory locations for code fragment executables 
are known at the time that the patches and patch han- 
dlers are created, it may not be necessary to use a Link 
Translation Table to resolve those references. For ex- 
ample, if code fragment executables are included with 
the patch handlers which reference them, then each 
such code fragment executable would not need a 
unique identifier that could be resolved through the use 
of the Link Translation Table. After step 730, the routine 
continues in step 735 to determine if there are more 
code fragments to receive. If so. the routine returns to 
step 705, and if not the routine ends at step 790. 
[0064] Figure 8 is an exemplary flow diagram of an 
embodiment of the Patch Interpreter Subsystem routine 
800. The Patch Interpreter Subsystem routine receives 
an indication of a patched executable code file to be ex- 
ecuted, loads the patched compiled executable code file 
as well as associated patch handlers and code fragment 
executables into memory, executes the non-patched 
compiled instructions as native code for the target sys- 
tem, and executes the patch statements in an interpret- 
ed manner. Those skilled in the an will appreciate that 
in an alternate embodiment, before execution lime the 
Patch Interpreter Subsystem 181 or another subsystem 
could compile the target-independent code fragment ex- 
ecutables into compiled instructions that are native to 
the particular target system. In this situation, the Patch 
Interpreter Subsystem 181 would only be needed to re- 
solve references, such as for patch, handlers and code 
fragment executable modules, when such references 
are included in the patched compiled executable code 
file. 

[0065] The routine begins in step 805 where an indi- 



cation is received of the patched executable code file to 
be executed. In the illustrated embodiment, this indica- 
tion is received from the Command Subsystem 134 on 
the host computer system. In an alternate embodiment 
the Patch Interpreter Subsystem 181 could receive in- 
structions directly from a user on the target computer 
system if the target system included the necessary in- 
put/output devices. The routine then continues to step 
810 to toad the patch handlers and code fragment exe- 
10 cutables associated with the patched comoiled execut- 
able code file into memory if they are not already stored 
in memory. The routine then continues to step 815 to 
ensure that the Link Translation Table reflects the cur- 
rent memory addresses for the code fragment executa- 
bles and the patch handlers. After step 815, the routine 
continues to step 820 where the patched compiled ex- 
ecutable code file is loaded into memory if it is not al- 
ready stored in memory. The routine then continues to 
step 825 to execute the Execute Patched Executable 
Code subroutine. The routine then continues to step 830 
to determine if there are more patched compiled exe- 
cutable code files to execute. If so, the routine returns 
to step 805, and if not, the routine ends at step 890 
Those skilled in the art will appreciate that in an alternate 
embodiment, the Patch Interpreter Subsystem routine 
could execute multiple different patched executable 
code files at the same time. 

[0066] Figure 9 is an exemplary flow diagram of an 
embodiment of the Execute Patched Executable Code 
30 subroutine 825. The Execute Patched Executable Code 
subroutine receives and executes user commands if an 
interactive execution of the patched compiled executa- 
ble code file is in process. When a non-patched com- 
piled instruction is to be executed, it is executed as na- 
3S tive code. For each patch statement, the subroutine first 
determines if the statement is to be executed and then 
resolves link identifiers if necessary. The subroutine 
then satisfies trace requests by writing the specified 
trace information to a trace log on the target system 
«» executes code fragment executables by interpreting 
them, and notifies the Code Patcher system 133 of the 
execution status alter the instruction has been proc- 
essed. 

[0067] The subroutine begins at step 905 where it is 
determined if the current execution of the patched com- 
piled executable code file is to be done in an interactive 
mode. If so, the routine continues in step 910 to receive 
a user command. The subroutine then continues to step 
91 5 to determine if the received command is to execute 
the current instruction in the patched executable code 
file If not, the subroutine continues to step 920 to exe- 
cute the user command, and then continues to step 925 
to notify the Code Patcher system 1 33 of the results of 
executing the command. For example, a user may wish 
to see a current value for a variable or to specify a break 
point at a spot in the patched compiled executable code 
file. After such a break point has been set, the user may 
.nd.cate to continue execution in a non-interactive mode 
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until a break point is reached, thus causing execution to 
stop and returning execution of the patched executable 
code file to an interactive mode. After step 925, the sub- 
routine returns to step 905. 

[0068] If it was instead determined in step 905 that the s 
execution of the patched executable code file is not cur- 
rently in interactive mode, or if it was determined in step 
915 that the user command was to execute the current 
instruction, the subroutine continues in step 930 to se- 
lect the next instruction in the patched executable code 10 
file, beginning with the first instruction. The subroutine 
then continues to step 931 to determine whether the cur- 
rent instruction is to be currently executed. For example, 
the current instruction could be a patching instruction for 
a patch that is disabled or that is qualified with a condi- *5 
tion that is not currently met in the current environment. 
If the instruction is not to be currently executed, the sub- 
routine continues to step 970 where the Code Patcher 
system 133 will be notified of the status of execution of 
the current instruction if execution is occurring in an in- 20 
teractive mode. Those skilled in the art will appreciate 
that when an entire patch handler consisting of multiple 
patch statements has been disabled or is not qualified, 
the status of the patch handler can be indicated in a va- 
riety of ways. For example, a flag could be set when the 25 
patch handler was entered indicating that patch state- 
ments are not to be currently executed while the flag is 
set, with the flag being reset when the end of the patch 
handler is reached. Alternately, the patch handler could 
cause the flow of execution to skip any disabled patch 30 
statements. 

[0069] If it is determined in step 931 that the current 
instruction is to be executed, the subroutine continues 
to step 932 to determine if the instruction is a compiled 
instruction. If so, the subroutine continues to step 933 35 
to execute the current instruction in native mode on the 
targ t system, and then continues to step 970. If it is 
inst ad determined in step 932 that the current instruc- 
tion is a non-compiled patch statement or patching in- 
struction, the subroutine continues in step 935 to deter- <*o 
mine if the current instruction includes a link identifier 
refer nee that needs to be resolved. If so, the subroutine 
continues in step 940 to use the Link Translation Table 
to resolve the link identifier so that the current position 
in memory for the associated code can be accessed. *s 
After step 940, or if it is determined in step 935 that a 
link identifier is not present, the subroutine continues in 
step 945 to determine if the current instruction is a trace 
request. If so, the subroutine continues to step 950 to 
write the specified trace information to a trace log on the 50 
target system that can be retrieved by a user on the host 
computer system 100. If the trace request includes var- 
iable or expressions to be evaluated, they will be eval- 
uated in the context of the current variable scope. 
[0070] If it is instead determined in step 945 that the 55 
current instruction is not a trace request, the subroutine 
continues to step 965 to execute the code fragment ex- 
ecutable by interpreting it within the context of the cur- 



rent variable scope. For example, a global variable X 
may be defined, with the current flow of execution first 
entering Function 1 with a variable X that is local to that 
function and then entering a Function 2 with a distinct 
local variable X for that function. If patch code within 
Function 2 requires the evaluation of variable X, its cur- 
rent variable binding within the scope of Function 2 will 
be used for the evaluation. Those skilled in the art will 
appreciate that the current variable scope can be deter- 
mined in a variety of ways, such as by using symbol ta- 
ble information from the patched executable code file or 
the current variable block on the stack. After step 950 
or 965, the subroutine continues at step 970 to notify the 
Code Patcher system 1 33 of the status of executing the 
current instruction if execution is occurring in interactive 
mode. The subroutine then continues to step 975 to de- 
termine if there are more instructions to be executed in 
the patched compiled executable code file. If so, the 
subroutine returns to step 905, and if not the subroutine 
returns in step 990. 

[0071] From the foregoing it will be appreciated that, 
although specific embodiments of the invention have 
been described herein for purposes of illustration, vari- 
ous modifications may be made without deviating from 
the spirit and scope of the invention. Accordingly, the 
invention is not limited except as by the appended 
claims. 



Claims 

1 . A method for modifying an executable file including 
a plurality of compiled instructions, the compiled in- 
structions natively executable on a target computer 
but not on a source computer, the modifying per- 
formed under control of the source computer with- 
out recompiling or relinking or rewriting the execut- 
able file, the method comprising: 

under control of the source computer, 

(a) loading the executable file onto the tar- 
get computer; 

(b) receiving a plurality of indications to 
modify the loaded executable file, each in- 
dication specifying one of the compiled in- 
structions in the loaded executable file and 
at least one non-compiled executable in- 
struction to be added to the loaded execut- 
able file; 

(c) modifying the loaded executable file by. 
for each indication, 

creating an instruction group including 
the specified at least one non-com- 
piled executable instruction; 
converting the instruction group into 
an executable non-compiled format 



25 



EP 1 014 263 A2 



26 



not specific to the target computer; and 
replacing the specified compiled in- 
struction in the loaded executable file 
with an executable patch instruction 
associated with the converted instruc- 
tion group, the patch instruction when 
executed to transfer flow of execution 
to the converted instruction group with 
which the patch instruction is associat- 
ed; and 

(d) loading the converted instruction 
groups into at least one memory area on 
the target computer, the at least one mem- 
ory ar ea distinct from a memory area on the 
target computer containing the loaded ex- 
ecutable file; and 

under control of the target computer, executing 
the modified loaded executable file by, as the 
flow of execution sequentially reaches each ex- 
ecutable instruction 
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(e) when the executable instruction is a 
non-compilod executable instruction from 
an instruction group, interpretively evaluat- 
ing the executable instruction; 

(f) when the executable instruction is a 
patch instruction, transferring flow of exe- 
cution to the loaded associated converted 
instruction group; and 

(g) when the executable instruction is a 
compiled instruction, natively executing 
the compiled executable instruction, 

so that additional functionality is exhibited when the 
modified loaded executable file is executed on the 
target computer. 

The method of claim 1 wherein after performing 
steps (a)-(g) a first time, steps (b)-(g) are performed 
a second time without performing step (a) a second 
time such that the modified loaded executable file 
is further modified and then executed without re- 
loading the executable file. 

A computer-implemented method for adding in- 
structions to be executed to an executable compiled 
file without recompiling or rewriting the file, the 
method comprising: 
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receiving an indication to modify the compiled 
file, the indication specifying a compiled in- 
struction in the compiled file and at least one 
executable instruction to be added; 
modifying the compiled file by.. 

creating a patch group including the spec- 
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ified at least one executable instruction - 
and 

replacing the specified compiled instruc- 
tion in the compiled file with a patch instruc- 
tion such that flow of execution will transfer 
to the created patch group upon execution 
of the patch instruction; and 

storing separate from the patch group the mod- 
ified compiled file including the oaten instruc- 
tion, 

so that instructions in the patch group will be exe- 
cuted when the modified compiled file is later exe- 
cuted. 

4. The method of claim 3 wherein the modified com- 
piled file is executed on a separate computer, and 
including: 

supplying to the separate computer at least one 
direction related to the execution of the modi- 
fied compiled file: and 

displaying received results of performance of 
the supplied direction. 

The method of claim 3 wherein without removing 
the patch instruction from the modified compiled 
file, the patch group is disabled such that the in- 
structions in the patch group are not executed when 
the modified compiled file is executed. 

A computer-implemented method for executing a 

modified compiled file including a plurality of original 
compiled instructions and at least one patch instruc- 
tion in place of an original compiled instruction, 
each patch instruction when executed to transfer 
flow of execution to an associated patch group in- 
cluding a plurality of instructions, the method com- 
prising: 

loading the modified compiled file and the as- 
sociated patch groups into memory; and 
executing the modified compiled file by, as the 
flow of execution reaches each executable in- 
struction, 

when the executable instruction is an orig- 
inal compiled instruction, natively execut- 
ing the executable instruction; 
when the executable instruction is one of 
the patch instructions transferring flow of 
execution to the associated patch group for 
the patch instruction; and 
when the executable instruction is one of 
the plurality of instructions from a patch 
group, interpretively evaluating ihe execut- 
able instruction 
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7. A computer system for adding instructions to be ex- 
ecuted to an executable compiled file without rec- 
ompiling or rewriting the file, comprising: 

a command subsystem for receiving indica- 5 
tions to modify the compiled file, each indica- 
tion specifying a compiled instruction in the 
compiled file and at least one executable in- 
struction to be added; and 
a patching subsystem for modifying the com- to 
piled file by creating for each received indica- 
tion an associated patch group including the 
specified at least one executable instruction, 
and by replacing the specified compiled instruc- 
tion in the compiled file with a patch instruction is 
such that flow of execution will transfer to the 
associated patch group upon execution of the 
patch instruction. 

8. A computer-readable medium containing instruc- 20 
tions for controlling a computer system to add in- 
structions to be executed to an executable compiled 

file without recompiling the file, by: 

receiving an indication to modify the compiled 25 
file, the indication specifying a compiled in- 
struction in the compiled file and at least one 
executable instruction to be added; and 
modifying the compiled file by, 

30 

creating a patch group including the spec- 
ified at least one executable instruction; 
and 

replacing the specified compiled instruc- 
tion in the compiled file with a patch instruc- 35 
tion such that flow of execution will transfer 
to the created patch group upon execution 
of the patch instruction. 

9. The computer-readable medium of claim 8 wherein *o 
the computer system is further controlled by, after 
the modifying of the compiled file executing on a tar- 
get computer the modified compiled file by, when 

an instruction to be executed is the patch instruc- 
tion, indicating an instruction in the created patch 45 
group as a next instruction to be executed. 

10. The computer-readable medium of claim 9 wherein 
the computer system is further controlled by, after 
the executing of the modified compiled file, perform- so 
ing the modifying and the executing again without 
reloading the compiled file into memory. 
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(54) Method and system for modifying executable code to add additional functionality 



(57) A system for modifying a compiled executable 
code file by adding patches that add functionality when 
the modified executable code file is executed. The mod- 
ifying is performed without recompiling, relinking or re- 
writing the code file. Adding a patch involves creating a 
patch handler which when executed causes the patch 
statements to be executed, and may involve replacing 
one or more existing compiled instructions in the file with 
patching instructions to transfer flow of execution to the 
appropriate patch handler. The instructions replaced by 
the patching instructions can also be added to the patch 
handler. Patches can also include code statements 
which form a complete module, such as an invokable 
routine, which can be referenced by other patch state- 



ments to cause the module to be executed. Specialized 
trace requests can also be added as patch statements. 
The trace requests will make specified information 
about the current execution of the executable code file 
available to a software developer. Patch statements can 
include variables and expressions that will be evaluated 
in the context of the appropriate current variable scope, 
regardless of whether the scope is defined within the 
patch or by existing compiled instructions. After patches 
have been added, they can be disabled so as to prevent 
their execution without removing the patching instruc- 
tions from the compiled executable file. Patches can al- 
so be qualified with conditions such that the patch will 
be executed only when the conditions are true at the 
time of execution. 
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